In this article, we will discuss about a broadcast storm and its effects and how we can eliminate them.
A Broadcast Storm is basically a situation when an abruptly large number of broadcast packets in a very small amount of time. Due to the broadcast storm, the network quality degrades significantly. It leads to broadcast and multicast traffic accumulation on a computer network.
This condition can lead to consume all the network, so, it will be unable to transfer normal amount of traffic at that time. A Broadcast Packet that leads to such situation is often called Chernobyl Packet.
A Broadcast packet uses Air as a medium to transfer the broadcast to any listener at the same frequency. A broadcast packet uses the destination header in the following ways :
ff-ff-ff-ff-ff-ff (Layer 2 broadcast)
255.255.255.255 (Layer 3 broadcast)
Root Causes of a Broadcast Storm :
When a user wants to connect to a specific hub of network but, by mistake, it gets connected to another switch port. This will catch all the frames and keep them within the loop. For Example - When the computer connects to port while being connected to wireless network also, the network sets to bridging mode.
Improper VLAN configuration settings can create a loop that finally leads to a broadcast storm.
Too big Broadcast Domain - If the Broadcast is too big, then the amount of traffic in a domain is directly proportional to size of the broadcast domain, i.e. the number hosts in a L2 VLAN or L3 subnet.
High Volume of requests for IP address via DHCP - DHCP is the most easiest way for a networking host to get the IP address from a network controller. DHCP uses either broadcast or unicast packets as their medium. For Example - when the network is back online after a outage, all the members on that network try to obtain the IP address.
Steps to prevent a Broadcast Storm :
Anti-virus Firewalls can be used to detect and remove malicious and intentionally induced broadcast storms to disrupt the network.
The more often ARP tables are cleared, the more often broadcast requests occur.
Storm protocols and equivalent controlling techniques allow to limit the broadcast packets.
Disable broadcasts on Layer 3 devices. If a storm originated from the WAN, then shutting off IP directed broadcasts will solve the issue.
Splitting the broadcast domain will help in diverting the broadcast traffic. By creating a new VLAN network, we can divert more than half of the traffic to the other network. It will help in reducing the storms a lot.
Regular maintenance of Switches ensure that they don't face any hardware failure.
Checking for loops in switches help to upstream the unmanaged switch. The unmanaged switches in order to respond to the broadcasts sometimes flood the network with a lot of unnecessary traffic.
To summarize all the above, the following elements play an effective role in creating a broadcast storm:
Poor network management
Poor monitoring of the network
The use of cheap hubs & ports
Improper network configuration
The lack of a network diagram design, needed for proper management and to provide guidelines for all network traffic routes
